031020a110d86a4ac85dbab2a46c3470N[.]exe

General

Target

031020a110d86a4ac85dbab2a46c3470N.exe
Size

1.2MB
MD5

031020a110d86a4ac85dbab2a46c3470
SHA1

9bdf364450ba8fedc153be433a105f99411128da
SHA256

d709d976b129aa7cde0f806aaced1e8c3f0d1ed06ced9be63d811064e4db80a2
SHA512

2f220c95bcd08623d007bebb0d334d4b42c1ca0129ed222af54c9429405aed1767b1c16d4aa20077e83bcd675b413e2a05a01573b842ca99e0b2a7150df0ec68
SSDEEP

12288:zRMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:zqSkQ/7Gb8NLEbeZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
031020a110d86a4ac85dbab2a46c3470N.exe

Files

031020a110d86a4ac85dbab2a46c3470N.exe
.exe windows:5 windows x86 arch:x86

579b5f18499395abcab1189f0e782536

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\jdk7_32P\jdk7\build\windows-i586\tmp\sun\launcher\jps\obj\jps.pdb

Imports

jli

JLI_Launch

msvcr100

_unlock
__dllonexit
_lock
?terminate@@YAXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_onexit

kernel32

IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
SetUnhandledExceptionFilter
EncodePointer
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

579b5f18499395abcab1189f0e782536

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

jli

msvcr100

kernel32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 924B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 924B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1.1MB - Virtual size: 1.1MB